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AMENDMENT 

In the Claims 

1. (Currently Amended) A computer-implemented method for configuring and 
scheduling a security audit of a computer network comprising the steps of: 

conducting a discovery scan to idmtify an element of the computer network aad 
detemiine the element's functions; 

configuring an audit scan to perform on the element, wherein the audit scan is a 
more thorough scan than the discovery scan; 

scheduling a time to perform the audit scan on the element; 

tunning the audit scan of the element at the scheduled time; 

calculating a security score for the element based on the audit scan b y summing 
one or more vnhierabilities associated with the element: and 

scheduling another time to repeat the audit scan on the element, the scheduling 
based on the results of the audit scan and the security score, 

2. (Original) The method of Claim 1, fbxther comprising the step of configuring a 
subsequent audit scan of the element that is different fiom the audit scan. 

3. (Original) The method of Claim 1, further comprising the step of receiving a 
blackout time during which no audit scan can be scheduled. 

4. (Original) The method of Claim 1, wherein the step of conducting a discovery 
scan further comprises identifying the function of the element. 

5. (Currently Amended) The method of Claim 1, wherein the step of conducting a 
discovery scan further comprises identifying the one or more vulnerabilities associated with the 
element. 
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6. (Original) The method of Claim 1, wherein the step of conducting a discovery 
scan further comprises assigning an asset value for the element, wherein the asset value indicates 
the relative importance of the element in the network. 

1, (Original) The method of Claim 6, wherein the asset value is modified baaed on 
the audit scan. 

8. (Original) The method of Claim 1, ftaher comprising the step of receiving a 
manually selected asset value for the element. 

9. (Original) The mettiod of Claim I» wherein the step of configuring an audit scan 
comprises selecting a type of audit scan based on the discovery scan. 

10. (Original) The method of Claim 1, wherein the step of configuring an audit scan 

comprises: 

retrieving an asset value based on the discovery scan; 

retrieving a scan firequency associated with the asset value, wherein the scan 
frequency indicates how often the scan is perfonned; and 

assigning a role based on the discovery scan, wherein the role indicates the 
function of the element; and 

assigning a poUcy based on the discovery scan, wherein the policy indicates the 
type of audit scan. 

Ih (Original) The method of Claim 1, wherein the step of configuring an audit scan 
comprises manually selecting the type of audit scan. 

12. (Original) A computer-readable medium having computer-executable instructions 
for performing the steps recited in Claim 1 . 
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13. (Currently Amended) A computer-implemented method for configuring and 
scheduling a security audit of a computer network comprising the steps of: 

conducting a discovery scan to identify an element of the computer network; 
configuring an audit scan to perform on the element; 
scheduling a time to perform the audit scan on the element; [[and]] 
running the audit scan at the scheduled time on the elementiand 
calculating a security score for the element based on the audit scan bv summing 
one or more vuhierabiHties associated with the element. 

14. (Canceled) 

15. (Original) The method of Claim 13, further comprising the step of scheduling 
another time to perform the audit scan on the element. 

16. (Original) The method of Claim 13» fuiOier comprising the step of receiving a 
blackout time during which no audit scan can be scheduled. 

17. (Currently Amended) The method of Claim 13, wherein the step of conducting a 
discovery scan fiirther comprises identifying at least one of the functions or the one or more 
vulnerabilities associated with the element 

18. (Original) The method of Claim 13, wherein the step of conducting a discovery 
scan further comprises assigning an asset value for the element. 

19. (Original) The method of Claim 13, wherein the step of configuring an audit scan 
comprises: 

retrieving an asset value based on the discovery scan; 
retrieving a scan frequency associated with the asset value; and 
assigning a tole and a policy based on the discovery scan. 
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20. (Original) The method of Claim 13, wherein the step of configuaing an audit scan 
comprises manually selecting the type of audit scan. 

21. (Currently Amended) A computer-readable medium having computer-executable 
instructions for performing the steps recited in Claim [[1]] 13. 
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22, (Currently Amended) A method for assessing the security of a network 
comprising the steps of: 

receiving an initial scan identifying a network element and the fiinction of the 
network element; 

selecting an audit scan to perform on the network element, the selection based on 
the initial scan, wherein the audit scan is more thorough than the initial scan; 

scheduling the audit scan to perform on the network element; 

pedbmiing the audit scan on the network element at the scheduled time; 

receiving data from the selected audit scan of the network element; and 

computing a security score for the network element from the selected audit scan 
bv summing one or more vuhierabilities associated with the netw ork element. 

23, (Original) The method of Claim 22, further comprisiDig modifying the selected 
audit scan; said modification based on the data received from the selected audit scan. 

24. (Currently Amended) The method of Claim 22, whttdn the step of receiving an 
initial scan comprises: 

identifying an operating system for the network element; 

identifying a service for the network element, the service indicaling the element*s 

function; 

detemuning an asset value of the network element from the operating system and 
the service of the network element, the asset value indicating the relative importance of the 
network element; and 

identifying rFal lat least one vulnerability associated with the network element. 

25. (Original) The method of Claim 22, wherein the step of selecting an audit scan is 
based on the initial scan. 
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26. (Original) The method of Claim 22, wherein the step of selecting an audit scan is 
based on a manual input. 

27. (Original) The method of Claim 22, wherein the step of scheduling the audit scan 
comprises checking a blackout schedule. 

28. (Canceled) 

29. (Original) A computer-readable medium having cotnputer-executable instructions 
for performing the steps recited in Claim 22. 
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30. (Currently Amended) A method for assessing the security of a network 
comprising the steps of: 

receiving an initial scan identifying a network element; 

selecting an audit scan to perfoim on the network element, said selection based on 
the initial scan; 

performing the selected atidit scan on the netwoik; 

receiving data fix>m the selected audit scan of the network element; and 

computing a security score for the network element from the selected audit scan 
by summi^R one or more vulnerabiMtics associated with the network element. 

31. (Original) The method of Claim 30, further cotnpristng the step of scheduling the 
selected audit scan^ said scheduling based on the initial scan. 

32. (Original) The method of Claim 30, further comprising modifying the selected 
audit scan, said modification based on the data received from the selected audit scan. 

33. (Currently Amended) The method of Claim 30, wherein the step of receiving an 
initial scan comprises: 

identifying an operating system and a service for the network element; 
detennining an asset value of the network element from the operating system and 
the service of the network element; and 

identifying f fal lat least one vuhierability associated with the network element. 

34. (Original) The method of Claim 30, wherein the step of selecting an audit scan is 
based on the initial scan. 

35. (Original) The method of Claim 30, wherein the step of selecting an audit scan is 
based on a manual input. 
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36. (Original) The method of Claim 30> wherein the step of scheduling the audit scan 
comprises checking a blackout schedule. 

37. (Canceled) 

38. (Original) A computer-readable medium having computer-executable instructions 
for perfonning the st^s recited in Claim 30. 
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39. (Currently Amended) A system for configuring and scheduling a security audit of 
a computer network comprising: 

the computer network; 

a security audit system operable for conducting a discovery scan to identify an 
element of the computer network^ [[and]] configuring and scheduling an audit scan of the 
elemen t and computing a security score for the network element from the selected audit scan by 
summing one or more vuhierabtlities associated with the network clCTient: and 

a console operable for receiving information from the security audit system and 
transmitting infomiation to the security audit system about the discovery scan and the audit scan. 

40. (Currently Amended) The system of Claim 39^ wherein the security andit system 
is further operable for conducting a discovery scan to: 

identify a function for the element; 
determine an asset value for the element; and 
identify [[a]] at least one vulnerability for the element 

41. (Original) The system of Claim 39, wherein the security audit system checks a 
blackout schedule before scheduling an audit scan. 

42. (Currently Amended) The system of Claim 39, wherein the security audit system 
further comprises a system scanning engine operable for detecting particular one of the 
vuhierabilities on the network element 

43. (Original) The system of Qaim 39, wherein the security audit system fhrther 
comprises an Internet scanning engine operable forperforaiing a discovery scan on the network. 

44. (Currently Amended) The system of Claim 39, wherein the security audit system 
further con[q>rise$ a database scanning engine operable for detecting vuhierabilities 
rrinll assoctated with database elements within the network. 
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45, (Original) The system of Claim 39, wherein the security audit system further 
comprises an active scan engine operable for selecting, coordinating, and scheduling various 
discovery and audit scans to be peribimed on the computer network. 
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